I currently use KeepassXC that is synced through NextCloud. The sync isn’t very elegant, especially on my phone. So I’m looking for a new password manager, which has a native server sync support that I can self host. What do y’all recommend? I need at least a phone app and a browser integration that can autofill.
I use KeepassXC on desktop, KeepassDX on my phone and keep it all synced with Syncthing. Works great
This is the way.
Big fan of Keeppass + syncing program of choice. It has served me well for years. If you don’t like nextcloud pick a different syncing app.
I’ve been using Bitwarden for years now. Their free tier is amazing, they’re rarely down, and it’s open source with extensions and apps for every platform.
I tried Proton Pass for a minute while Bitwarden was offline, but quickly ran back to Bitwarden. Proton’s extension kept logging out for some reason. I didn’t care enough to troubleshoot it.
Most here won’t like this answer. 1Password.
I’ve used it for years and it just works well for me. Finally convinced my spouse to also use it a couple of years ago. Switching is not an option since it took years of convincing to make that happen.
There’s a lot of arguments for one solution or the other based on security or privacy, but let me present a different scenario:
Imagine you’re in a natural disaster. Your home based self hosted server is down because of a general rolling network outage or just irrecoverably destroyed. Your offsite on the other side of the county is in a similar state. Can your cloud hosted backup be accessed at generic, public computer in a shelter or public building?
Bitwarden can. It has specific instructions for doing so as safely as possible.
If you can’t self host --> KeePass If you can self host --> Vaultwarden
Is VW audited in the same way that BW is?
I’m not completely sure, but doesn’t Bitwarden encrypt all data before it reaches the server? That means the server implementation is a bit less important. I guess you probably don’t want to be leaking even encrypted databases though since there is a chance they could be cracked.
Really I don’t know, surely a bit less but in my opinion, not that much
I hear good thing about Vaultwarden, but the web UI is horrible.
Vaultwarden’s web UI is very confusing, especially the search feature. And it’s difficult to move items between folders/collection. The desktop app is available as DEB/RPM package but without auto-update, which isn’t great.
Fon now I’m sticking to KeepassXC because the desktop app for my Linux distribution has a package for it and allows auto-update. The UI works well, and it has decent browser integration. Syncing isn’t smooth, but I can live with this.
Vaultwarden is not to be used in itself you can for example use the bitwarden app but with your vaultwarden server
You’re right. Above, I was referring to the bitwarden desktop app. See https://github.com/bitwarden/desktop
It’s an electron app, and there’s no auto-update solution for DEB packages (ie no DEB repo for apt auto update).
Some people are probably happy with it, but I prefer KeepassXC which is more lightweight (ie not electron based) and can auto update via APT.
Selfhosted VaultWarden with Bitwarden browser apps and KeyGuard on my phone, which I like better than the Bitwarden app.
Correct me if I’m wrong: if something happens to your vaultwarden instance, aren’t you at risk of losing everything? I do use bitwarden, but I could never self host it. Too important. ID rather use keepass with syncthing so that more than one of my devices have my passwords
That’s what backups are for. No matter what solution I use, I would need backups. I used to use LastPass, but that just relied on LastPass to do the backups. I backup the database, but you can also periodically export the data and back that up somewhere securely on your own if you want it in a different format.
I also self host Vault Warden. I have my vault automatically exported to Google Drive as an encrypted copy. So worst case I can download from there, and import it to a new password manager or another Bitwarden instance if my server borks.
Since I started using a password manager, I’ve basically forgoten every one of my other passwords. I wouldn’t be able to log in to my drive
Same here. But the bitwarden apps have a local copy of the vault. So you can always prevent them from syncing and use it to get the password. Assuming you have your phone still.
You can always have an offsite copy of the vault on a HDD somewhere. It’ll be outdated, but at least it’ll have the Google account. :)
Maybe. Why do you self host it? I’m not saying there are no benefits. I just think it’s not worth it
Bitwarden has features I wanted and was better than the browser password manager I used previously. I already selfhost other apps so adding another one wasn’t an issue. Plus it’s free.
Vaultwarden is perfect imo
deleted by creator
I used to be a rabid advocate of self hosting password managers, and was switching between Vaultwarden and KeepassXC every few months. But Proton offered a lifetime subscription to Proton Pass with unlimited Simple login aliases, and I bought it now use this exclusively.
Hackers have increased their focus on cracking password managers by extracting data from RAM and registry, compromising local and cloud storage. 25% is a threefold increase compared to the previous year’s figures.
deleted by creator
Bitwarden
Never looked back.
Have you tried syncthing? It works great with keepassxc.
Vaultwarden is pretty easy to self host.
Have been using it for 2+ years with 3 devices, no problem
+1 for Keepass + Syncthing. Free, no cloud, always synced.
Yeah this is me. It’s been just perfect for many years now.
This is faultless for me
Which one? Or both?
Actually keepassdx, and sounding syncthing
Bitwarden is excellent and the paid plan is very reasonable unlike with others.
